/Amass

In-depth Attack Surface Mapping and Asset Discovery

Primary LanguageGoOtherNOASSERTION

CircleCI Status GitHub release Go Version License

Bugcrowd LevelUp 0x04 DEF CON 27 Demo Labs DEF CON 27 Recon Village


DNS Enumeration


The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.

Information Gathering Techniques Used:

  • DNS: Basic enumeration, Brute forcing (optional), Reverse DNS sweeping, Subdomain name alterations/permutations, Zone transfers (optional)
  • Scraping: Ask, Baidu, Bing, DNSDumpster, DNSTable, Dogpile, Exalead, Google, HackerOne, IPv4Info, Netcraft, PTRArchive, Riddler, SiteDossier, ViewDNS, Yahoo
  • Certificates: Active pulls (optional), Censys, CertSpotter, Crtsh, Entrust, GoogleCT
  • APIs: AlienVault, BinaryEdge, BufferOver, CIRCL, CommonCrawl, DNSDB, GitHub, HackerTarget, IPToASN, Mnemonic, NetworksDB, PassiveTotal, Pastebin, RADb, Robtex, SecurityTrails, ShadowServer, Shodan, Spyse (CertDB & FindSubdomains), Sublist3rAPI, TeamCymru, ThreatCrowd, Twitter, Umbrella, URLScan, VirusTotal, WhoisXML
  • Web Archives: ArchiveIt, ArchiveToday, Arquivo, LoCArchive, OpenUKArchive, UKGovArchive, Wayback

Documentation

Use the Installation Guide to get started.

Go to the User's Guide for additional information.

Community

Contribute Yes Chat on Discord Follow on Twitter

Project Leader

Follow on Twitter

Contributors

This project improves thanks to all the people who contribute:

Follow on Twitter Follow on Twitter Follow on Twitter Follow on Twitter Follow on Twitter Follow on Twitter Follow on Twitter Follow on Twitter Email NanoDano Follow on Twitter Follow on Twitter Follow on Twitter Follow on Twitter

Mentions

Rawsec's CyberSecurity Inventory